manage lewis with nix

move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform
2023-12-25 19:22:22 +01:00 · 2023-12-25 19:22:22 +01:00 · 111bf68a0a
commit 111bf68a0a
parent d7ef46b642
92 changed files with 2730 additions and 26 deletions
--- a/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2
+++ b/legacy/projects/docker_swarm/ansible/roles/jitsi/docker-stack.yml.j2
@ -0,0 +1,87 @@
+# vi: ft=yaml
+version: '3.5'
+
+networks:
+  traefik:
+    external: true
+  jitsi:
+
+services:
+  web:
+    image: jitsi/web:stable-8218
+    environment:
+      - DISABLE_HTTPS=1
+      - ENABLE_AUTH=0
+      - ENABLE_GUESTS=1
+      - ENABLE_IPV6=1
+      - ENABLE_LETSENCRYPT=0
+      - PUBLIC_URL=https://meet.pim.kunis.nl
+      - TZ=Europe/Amsterdam
+    networks:
+      - jitsi
+      - traefik
+    deploy:
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.jitsi-web.entrypoints=websecure
+        - traefik.http.routers.jitsi-web.rule=Host(`meet.pim.kunis.nl`)
+        - traefik.http.routers.jitsi-web.tls=true
+        - traefik.http.routers.jitsi-web.tls.certresolver=letsencrypt
+        - traefik.http.services.jitsi-web.loadbalancer.server.port=80
+        - traefik.http.routers.jitsi-web.service=jitsi-web
+        - traefik.docker.network=traefik
+
+  prosody:
+    image: jitsi/prosody:stable-8218
+    expose:
+      - '5222'
+      - '5347'
+      - '5280'
+    environment:
+      - AUTH_TYPE=internal
+      - ENABLE_AUTH=0
+      - ENABLE_GUESTS=1
+      - ENABLE_IPV6=1
+      - ENABLE_LOBBY=1
+      - JIBRI_RECORDER_PASSWORD={{ jitsi_password }}
+      - JIBRI_XMPP_PASSWORD={{ jitsi_password }}
+      - JICOFO_AUTH_PASSWORD={{ jitsi_password }}
+      - JIGASI_XMPP_PASSWORD={{ jitsi_password }}
+      - JVB_AUTH_PASSWORD={{ jitsi_password }}
+      - PUBLIC_URL=https://meet.pim.kunis.nl
+      - TZ=Europe/Amsterdam
+    networks:
+      jitsi:
+        aliases:
+          - xmpp.meet.jitsi
+
+  jicofo:
+    image: jitsi/jicofo:stable-8218
+    environment:
+      - AUTH_TYPE=internal
+      - ENABLE_AUTH=0
+      - JICOFO_AUTH_PASSWORD={{ jitsi_password }}
+      - SENTRY_DSN=0
+      - TZ=Europe/Amsterdam
+    depends_on:
+      - prosody
+    networks:
+      - jitsi
+
+  jvb:
+    image: jitsi/jvb:stable-8218
+    ports:
+      - '54562:54562/udp'
+    environment:
+      - JVB_ADVERTISE_IPS=84.245.14.149,192.168.30.8
+      - JVB_AUTH_PASSWORD={{ jitsi_password }}
+      - JVB_PORT=54562
+      - PUBLIC_URL=https://meet.pim.kunis.nl
+      - SENTRY_DSN=0
+      - COLIBRI_REST_ENABLED=0
+      - TZ=Europe/Amsterdam
+    depends_on:
+      - prosody
+    networks:
+      - jitsi
+      - traefik
--- a/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml
+++ b/legacy/projects/docker_swarm/ansible/roles/jitsi/tasks/main.yml
@ -0,0 +1,5 @@
+- name: Deploy Docker stack
+  docker_stack:
+    name: jitsi
+    compose:
+      - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
--- a/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml
+++ b/legacy/projects/docker_swarm/ansible/roles/jitsi/vars/main.yml
@ -0,0 +1,8 @@
+jitsi_password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  66633139653639396435333239316536326366613338646531373063306333383562613462316561
+  6630373435326631376362643961343936626238663332630a623631613532366539633637333032
+  35383031306566613466643066366361663039633864643733356366386339366265326237653739
+  3062313832313638330a636131393130646564366563626430346436656236333961306363633435
+  39353934386631633132306562396430303738393235656363356666663934626161363365343162
+  6130346338333734653961633037386133396332643831363939